markitdown-setup
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches and installs the
markitdown-mcppackage from the Python Package Index (PyPI), which is a standard well-known repository. - [COMMAND_EXECUTION]: Executes shell commands (
pip,which) and a Python sub-process to install dependencies and programmatically update configuration files. - [DATA_EXFILTRATION]: Reads and modifies
~/.claude/settings.jsonto register the MCP server. Although this file contains sensitive platform configuration, the access is essential for the skill's stated purpose and no data is exfiltrated to external domains.
Audit Metadata